How to Plan a New (and Improved!) Password Policy for Real-World Security Challenges
Many organizations struggle with password policies that look strong on paper but fail in practice because they’re too rigid to...
Read more →Category: TheHackerNews
Researchers Uncover Backdoor in Solana’s Popular Web3.js npm Library
Dec 04, 2024Ravie LakshmananSupply Chain Attack Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js...
Read more →
Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses
Dec 04, 2024Ravie LakshmananEmail Security / Malware Cybersecurity researchers have called attention to a novel phishing campaign that leverages corrupted...
Read more →
Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks
Dec 04, 2024Ravie Lakshmanan A joint advisory issued by Australia, Canada, New Zealand, and the U.S. has warned of a...
Read more →
Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access
Dec 04, 2024Ravie LakshmananVulnerability / Software Security A critical security vulnerability has been disclosed in SailPoint’s IdentityIQ identity and access...
Read more →
Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console
Dec 04, 2024Ravie LakshmananVulnerability / Ransomware Veeam has released security updates to address a critical flaw impacting Service Provider Console...
Read more →
Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability
Dec 03, 2024Ravie LakshmananVulnerability / Network Security Cisco on Monday updated an advisory to warn customers of active exploitation of...
Read more →
NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise
Dec 03, 2024Ravie LakshmananEndpoint Security / Vulnerability Cybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and...
Read more →
North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks
Dec 03, 2024Ravie LakshmananThreat Intelligence / Email Security The North Korea-aligned threat actor known as Kimsuky has been linked to...
Read more →
SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan
Dec 02, 2024Ravie LakshmananMalware / Cryptocurrency Taiwanese entities in manufacturing, healthcare, and information technology sectors have become the target of...
Read more →
Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads
Dec 03, 2024Ravie LakshmananMalware / Phishing Attack A newly discovered malware campaign has been found to target private users, retailers,...
Read more →
A Guide to Securing AI App Development: Join This Cybersecurity Webinar
Dec 02, 2024The Hacker NewsAI Security / Data Protection Artificial Intelligence (AI) is no longer a far-off dream—it’s here, changing...
Read more →